Still fighting openldap
Josh Miller
joshua at itsecureadmin.com
Tue Feb 19 20:22:42 UTC 2008
m.roth2006 at rcn.com wrote:
> I've tried changing the first stanza to:
> access: to attrs=shadowLastChange,userPassword
> by * read
> by self write
> by anonymous auth
Do you get startup errors in your logs? Can you verify that your server
is reading these ACLs? You keep adding a colon after access on the
first ACL and I'm not sure that it would work -- and in fact, this would
explain your "next problem".
Do you see the colon?
You do not need to give access to shadowLastChange to your users, that
value is maintained by OpenLDAP.
HTH,
--
Joshua M. Miller - RHCE,VCP
More information about the redhat-list
mailing list